Comment 34 for bug 174375

To be honest, I'm mostly out of energy for this bug. We seem to have got things to a basically acceptable state and I'm very tempted to just close this out. The people who have fairly widespread bug-nomination-approval privileges as a result of this bug and for whom those privileges are at all disputed are people whose jobs involve working with bugs all the time; I think it's reasonable to expect that such people would learn the ropes pretty quickly or else move on.

The alternative is to create a fairly substantial new edifice to divide up the privileges further; and I think there's an argument that we are reaching the point of diminishing returns here. The LP security structure is pretty complicated already. Kate, would you be willing to go along with this?

The one point where this is genuinely awkward is that I'd like to grant ubuntu-release the ability to approve uploads to the development series as soon as my patch for per-pocket queue admin permissions is deployed; and *that* is too broad a permission to be granted to people who don't need it, as it's potentially quite disruptive if misused, even innocently. However, we could deal with this by a small team restructuring. Instead of ubuntu-release consisting of individual release team members directly plus ubuntu-release-nominators which contains various extra QA people, we could invert this: make ubuntu-release a member of ubuntu-release-nominators, and make ubuntu-release-nominators the driver for each Ubuntu series. It would then be straightforward to grant extra queue admin permissions to ubuntu-release.